InvariantRegistry

InvariantRegistry is an on-chain, tamper-proof registry for smart contract security invariants. Developers can publish invariants linked to a target contract, and each entry is versioned, timestamped, and publicly verifiable. This creates a transparent and permanent record of the assumptions and guarantees a contract relies on, improving auditability and long-term security. The registry also allows authors to toggle the active status of their invariants as contracts evolve. By storing security expectations directly on-chain, InvariantRegistry helps teams communicate intent, track changes, and provide auditors and users with a reliable source of truth about the contract’s expected behavior

InvariantRegistry is built using Solidity and Scaffold-ETH 2 to provide a simple, end-to-end development environment. The core of the project is a smart contract that defines a structured storage system for invariants, including author address, target contract, description, version number, timestamp, and active status. I used Foundry + Hardhat tooling inside Scaffold-ETH for compiling, deploying, and testing the contract locally.

The frontend interactions are handled through the built-in Scaffold-ETH Debug UI, which allowed me to focus on contract logic rather than UI complexity. Users can call the contract’s write functions (addInvariant, toggleInvariant) directly from this interface, and the read functions expose stored data immediately.

The architecture is intentionally minimal and transparent: pure Solidity storage, no external dependencies, no oracle calls, and no custom backend. This makes the invariant registry fully decentralized and easy to audit.